/*
 * Copyright (c) 2021 com.youkeyi. All rights reserved.
 *
 *  @author liuxiawang
 *  @location Shenzhen.China
 *  @date 4/8/21 3:55 PM
 */

package com.youkeyi.ddy.cloud.common.interceptor;

import org.springframework.stereotype.Component;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 功能角色权限拦截器
 *
 * @Author liuxiawang
 * @Date 2021-04-08 15:55
 * @Location shenzhen.china
 */
@Component
public class FunctionRolePermissionsInterceptor extends HandlerInterceptorAdapter {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 1。获取当前登录用户有哪些权限
        // 2。获取当前请求接口的权限码
        // 3。匹配当前权限码是否在登录用户的权限列表中
        // TODO: 4/14/22 后面再放开注释做功能权限校验
//        List<String> authPrimaryKeys = YoukeyiSystemContext.getAuthPrimaryKeys();
//        if (CollectionUtils.isNotEmpty(authPrimaryKeys)) {
//            String authCode = request.getHeader("authCode"); // 从 http 请求头中取出 authCode
//            if (StringUtils.isNotBlank(authCode)) {
//                if (authPrimaryKeys.contains(authCode)) {
//                    return super.preHandle(request, response, handler);
//                }
//            }
//        }
//
//        response.setStatus(403);
//        OutputStream out = response.getOutputStream();
//        Map<String, Object> resultMap = new HashMap<String, Object>();
//        resultMap.put("code", "403");
//        resultMap.put("message", "暂无权限使用此功能");
//        out.write(JSON.toJSONString(resultMap).getBytes());
//        return false;

        return super.preHandle(request, response, handler);
    }
}
